Tag Archives Remote Code Execution

Drupal Vulnerability: Highly Critical Remote Code Execution Vulnerability Found

Occupying a significant market share in Content Management Systems (CMS) used to develop websites, after Wordpress and Joomla, Drupal is a highly sought after CMS by major businesses and government organizations including the White House. Drupal is arguably the most secure CMS as it strictly adheres to online software standards (OWASP). While Drupal has gained prominence with the developers, it embodies an active…

Magento SUPEE-10266 and New Versions: Update Immediately

Magento, one of the most favored e-commerce platforms, is often a target for cyber-criminals. Its huge popularity owes to its strict security practices, a timely update of system core and immediate fixes to security issues. Magento's latest security update contains multiple security enhancements. These updates relate to the Magento Open Source (formerly Community Edition) and Magento Commerce (formerly Enterprise Edition).…

Third in line for the world's most popular Content Management System after juggernaut Wordpress and Joomla, Drupal is a sought after CMS powering websites including MTV, Popular Science, Sony Music, Harvard and MIT. Like every other CMS, Drupal has been at the center of notoriety a few times due to impending vulnerabilities in it. Listed below are the 5 most critical…

In an age when we are constantly developing innovative solutions to brace against sophisticated cyber attacks, we often underestimate the havoc that can be unleashed by the benign-looking, more elementary attack forms. They may not make big headlines as the high-profile cyber attacks, but they can be disastrous as well. Local File Execution (LFI) and Remote File Execution (RFI) are similar…

Recently a new severe 0-day Magento vulnerability has been released by DefenceCode team in an advisory. If you are vulnerable from this, attackers are capable of remotely executing  arbitrary code. As of now the vulnerability has been confirmed for the Magento Community edition as the researcher did not test for the enterprise edition. But since both the version use same base code there is…

Close